ReactOS 0.4.15-dev-8348-gc1b9bb5
eventlog.c
Go to the documentation of this file.
1/*
2 * Win32 advapi functions
3 *
4 * Copyright 1995 Sven Verdoolaege
5 * Copyright 1998 Juergen Schmied
6 * Copyright 2003 Mike Hearn
7 * Copyright 2007 Hervé Poussineau
8 *
9 * This library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public
11 * License as published by the Free Software Foundation; either
12 * version 2.1 of the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22 */
23
24/* INCLUDES ******************************************************************/
25
26#include <advapi32.h>
27
28#include <ndk/kefuncs.h>
29#include <eventlogrpc_c.h>
30
32
33static RPC_UNICODE_STRING EmptyStringU = { 0, 0, L"" };
34static RPC_STRING EmptyStringA = { 0, 0, "" };
35
36
37/* FUNCTIONS *****************************************************************/
38
41{
43 RPC_CSTR pszStringBinding;
45
46 TRACE("EVENTLOG_HANDLE_A_bind() called\n");
47
49 (RPC_CSTR)"ncacn_np",
50 (RPC_CSTR)UNCServerName,
51 (RPC_CSTR)"\\pipe\\EventLog",
52 NULL,
53 &pszStringBinding);
54 if (status)
55 {
56 ERR("RpcStringBindingCompose returned 0x%x\n", status);
57 return NULL;
58 }
59
60 /* Set the binding handle that will be used to bind to the server. */
61 status = RpcBindingFromStringBindingA(pszStringBinding,
62 &hBinding);
63 if (status != RPC_S_OK)
64 {
65 ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
66 }
67
68 status = RpcStringFreeA(&pszStringBinding);
69 if (status != RPC_S_OK)
70 {
71 ERR("RpcStringFree returned 0x%x\n", status);
72 }
73
74 return hBinding;
75}
76
77
78void __RPC_USER
81{
83
84 TRACE("EVENTLOG_HANDLE_A_unbind() called\n");
85
87 if (status != RPC_S_OK)
88 {
89 ERR("RpcBindingFree returned 0x%x\n", status);
90 }
91}
92
93
96{
98 RPC_WSTR pszStringBinding;
100
101 TRACE("EVENTLOG_HANDLE_W_bind() called\n");
102
104 L"ncacn_np",
105 UNCServerName,
106 L"\\pipe\\EventLog",
107 NULL,
108 &pszStringBinding);
109 if (status != RPC_S_OK)
110 {
111 ERR("RpcStringBindingCompose returned 0x%x\n", status);
112 return NULL;
113 }
114
115 /* Set the binding handle that will be used to bind to the server. */
116 status = RpcBindingFromStringBindingW(pszStringBinding,
117 &hBinding);
118 if (status != RPC_S_OK)
119 {
120 ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
121 }
122
123 status = RpcStringFreeW(&pszStringBinding);
124 if (status != RPC_S_OK)
125 {
126 ERR("RpcStringFree returned 0x%x\n", status);
127 }
128
129 return hBinding;
130}
131
132
133void __RPC_USER
136{
138
139 TRACE("EVENTLOG_HANDLE_W_unbind() called\n");
140
142 if (status != RPC_S_OK)
143 {
144 ERR("RpcBindingFree returned 0x%x\n", status);
145 }
146}
147
148
149/******************************************************************************
150 * BackupEventLogA [ADVAPI32.@]
151 */
153NTAPI
155 IN PANSI_STRING BackupFileNameA)
156{
158
159 if (!BackupFileNameA || (BackupFileNameA->Length == 0))
161
163 {
164 Status = ElfrBackupELFA(hEventLog,
165 (PRPC_STRING)BackupFileNameA);
166 }
168 {
170 }
172
173 return Status;
174}
175
178 IN LPCSTR lpBackupFileName)
179{
182 ANSI_STRING BackupFileNameA;
183 UNICODE_STRING BackupFileNameW;
184
185 TRACE("%p, %s\n", hEventLog, lpBackupFileName);
186
187 if (lpBackupFileName == NULL)
188 {
190 return FALSE;
191 }
192
193 RtlInitAnsiString(&BackupFileNameA, lpBackupFileName);
194
195 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
196 &BackupFileNameA,
197 TRUE);
198 if (!NT_SUCCESS(Status))
199 {
201 return FALSE;
202 }
203
204 Success = BackupEventLogW(hEventLog,
205 BackupFileNameW.Buffer);
206
207 RtlFreeUnicodeString(&BackupFileNameW);
208
209 return Success;
210}
211
212
213/******************************************************************************
214 * BackupEventLogW [ADVAPI32.@]
215 *
216 * PARAMS
217 * hEventLog []
218 * lpBackupFileName []
219 */
221NTAPI
223 IN PUNICODE_STRING BackupFileNameU)
224{
226
227 if (!BackupFileNameU || (BackupFileNameU->Length == 0))
229
231 {
232 Status = ElfrBackupELFW(hEventLog,
233 (PRPC_UNICODE_STRING)BackupFileNameU);
234 }
236 {
238 }
240
241 return Status;
242}
243
246 IN LPCWSTR lpBackupFileName)
247{
249 UNICODE_STRING BackupFileName;
250
251 TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
252
253 if (lpBackupFileName == NULL)
254 {
256 return FALSE;
257 }
258
259 if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
260 NULL, NULL))
261 {
263 return FALSE;
264 }
265
266 Status = ElfBackupEventLogFileW(hEventLog, &BackupFileName);
267
268 RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
269
270 if (!NT_SUCCESS(Status))
271 {
273 return FALSE;
274 }
275
276 return TRUE;
277}
278
279
280/******************************************************************************
281 * ClearEventLogA [ADVAPI32.@]
282 */
284NTAPI
286 IN PANSI_STRING BackupFileNameA)
287{
289
291 {
292 Status = ElfrClearELFA(hEventLog,
293 (PRPC_STRING)BackupFileNameA);
294 }
296 {
298 }
300
301 return Status;
302}
303
306 IN LPCSTR lpBackupFileName)
307{
310 ANSI_STRING BackupFileNameA;
311 UNICODE_STRING BackupFileNameW;
312
313 TRACE("%p, %s\n", hEventLog, lpBackupFileName);
314
315 if (lpBackupFileName == NULL)
316 {
317 RtlInitUnicodeString(&BackupFileNameW, NULL);
318 }
319 else
320 {
321 RtlInitAnsiString(&BackupFileNameA, lpBackupFileName);
322
323 Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
324 &BackupFileNameA,
325 TRUE);
326 if (!NT_SUCCESS(Status))
327 {
329 return FALSE;
330 }
331 }
332
333 Success = ClearEventLogW(hEventLog,
334 BackupFileNameW.Buffer);
335
336 RtlFreeUnicodeString(&BackupFileNameW);
337
338 return Success;
339}
340
341
342/******************************************************************************
343 * ClearEventLogW [ADVAPI32.@]
344 */
346NTAPI
348 IN PUNICODE_STRING BackupFileNameU)
349{
351
353 {
354 Status = ElfrClearELFW(hEventLog,
355 (PRPC_UNICODE_STRING)BackupFileNameU);
356 }
358 {
360 }
362
363 return Status;
364}
365
368 IN LPCWSTR lpBackupFileName)
369{
371 UNICODE_STRING BackupFileName;
372
373 TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
374
375 if (lpBackupFileName == NULL)
376 {
377 RtlInitUnicodeString(&BackupFileName, NULL);
378 }
379 else
380 {
381 if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
382 NULL, NULL))
383 {
385 return FALSE;
386 }
387 }
388
389 Status = ElfClearEventLogFileW(hEventLog, &BackupFileName);
390
391 if (lpBackupFileName != NULL)
392 RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
393
394 if (!NT_SUCCESS(Status))
395 {
397 return FALSE;
398 }
399
400 return TRUE;
401}
402
403
404/******************************************************************************
405 * CloseEventLog [ADVAPI32.@]
406 */
408NTAPI
410{
412
414 {
415 Status = ElfrCloseEL(&hEventLog);
416 }
418 {
420 }
422
423 return Status;
424}
425
428{
430
431 TRACE("%p\n", hEventLog);
432
433 Status = ElfCloseEventLog(hEventLog);
434 if (!NT_SUCCESS(Status))
435 {
437 return FALSE;
438 }
439
440 return TRUE;
441}
442
443
444/******************************************************************************
445 * DeregisterEventSource [ADVAPI32.@]
446 * Closes a handle to the specified event log
447 *
448 * PARAMS
449 * hEventLog [I] Handle to event log
450 *
451 * RETURNS STD
452 */
454NTAPI
456{
458
460 {
461 Status = ElfrDeregisterEventSource(&hEventLog);
462 }
464 {
466 }
468
469 return Status;
470}
471
474{
476
477 TRACE("%p\n", hEventLog);
478
479 Status = ElfDeregisterEventSource(hEventLog);
480 if (!NT_SUCCESS(Status))
481 {
483 return FALSE;
484 }
485
486 return TRUE;
487}
488
489
490/******************************************************************************
491 * GetEventLogInformation [ADVAPI32.@]
492 *
493 * PARAMS
494 * hEventLog [I] Handle to event log
495 * dwInfoLevel [I] Level of event log information to return
496 * lpBuffer [O] Buffer that receives the event log information
497 * cbBufSize [I] Size of the lpBuffer buffer
498 * pcbBytesNeeded [O] Required buffer size
499 */
506{
508
510 {
512 return FALSE;
513 }
514
516 {
517 Status = ElfrGetLogInformation(hEventLog,
520 cbBufSize,
522 }
524 {
526 }
528
529 if (!NT_SUCCESS(Status))
530 {
532 return FALSE;
533 }
534
535 return TRUE;
536}
537
538
539/******************************************************************************
540 * GetNumberOfEventLogRecords [ADVAPI32.@]
541 *
542 * PARAMS
543 * hEventLog []
544 * NumberOfRecords []
545 */
547NTAPI
549 OUT PULONG NumberOfRecords)
550{
552
553 if (!NumberOfRecords)
555
557 {
558 Status = ElfrNumberOfRecords(hEventLog, NumberOfRecords);
559 }
561 {
563 }
565
566 return Status;
567}
568
571 OUT PDWORD NumberOfRecords)
572{
574
575 TRACE("%p, %p\n", hEventLog, NumberOfRecords);
576
577 Status = ElfNumberOfRecords(hEventLog, NumberOfRecords);
578 if (!NT_SUCCESS(Status))
579 {
581 return FALSE;
582 }
583
584 return TRUE;
585}
586
587
588/******************************************************************************
589 * GetOldestEventLogRecord [ADVAPI32.@]
590 *
591 * PARAMS
592 * hEventLog []
593 * OldestRecord []
594 */
596NTAPI
598 OUT PULONG OldestRecordNumber)
599{
601
602 if (!OldestRecordNumber)
604
606 {
607 Status = ElfrOldestRecord(hEventLog, OldestRecordNumber);
608 }
610 {
612 }
614
615 return Status;
616}
617
620 OUT PDWORD OldestRecord)
621{
623
624 TRACE("%p, %p\n", hEventLog, OldestRecord);
625
626 Status = ElfOldestRecord(hEventLog, OldestRecord);
627 if (!NT_SUCCESS(Status))
628 {
630 return FALSE;
631 }
632
633 return TRUE;
634}
635
636
637/******************************************************************************
638 * NotifyChangeEventLog [ADVAPI32.@]
639 *
640 * PARAMS
641 * hEventLog []
642 * hEvent []
643 */
645NTAPI
648{
650 CLIENT_ID ClientId = NtCurrentTeb()->ClientId;
651 RPC_CLIENT_ID RpcClientId;
652
655
657 {
658 Status = ElfrChangeNotify(hEventLog, RpcClientId, HandleToUlong(hEvent));
659 }
661 {
663 }
665
666 return Status;
667}
668
672{
674
675 TRACE("%p, %p\n", hEventLog, hEvent);
676
677 Status = ElfChangeNotify(hEventLog, hEvent);
678 if (!NT_SUCCESS(Status))
679 {
681 return FALSE;
682 }
683
684 return TRUE;
685}
686
687
688/******************************************************************************
689 * OpenBackupEventLogA [ADVAPI32.@]
690 */
692NTAPI
694 IN PANSI_STRING BackupFileNameA,
695 OUT PHANDLE phEventLog)
696{
698 PSTR pUNCServerName = NULL;
699
700 if (!phEventLog || !BackupFileNameA || (BackupFileNameA->Length == 0))
702
703 if (UNCServerNameA && (UNCServerNameA->Length != 0))
704 pUNCServerName = UNCServerNameA->Buffer;
705
706 *phEventLog = NULL;
707
709 {
710 Status = ElfrOpenBELA(pUNCServerName,
711 (PRPC_STRING)BackupFileNameA,
712 1, 1,
713 (IELF_HANDLE*)phEventLog);
714 }
716 {
718 }
720
721 return Status;
722}
723
727{
730 ANSI_STRING UNCServerNameA;
731 UNICODE_STRING UNCServerNameW;
733 UNICODE_STRING FileNameW;
734
735 TRACE("%s, %s\n", lpUNCServerName, lpFileName);
736
737 /* Convert the server name to unicode */
738 if (lpUNCServerName == NULL)
739 {
740 RtlInitUnicodeString(&UNCServerNameW, NULL);
741 }
742 else
743 {
744 RtlInitAnsiString(&UNCServerNameA, lpUNCServerName);
745
746 Status = RtlAnsiStringToUnicodeString(&UNCServerNameW,
747 &UNCServerNameA,
748 TRUE);
749 if (!NT_SUCCESS(Status))
750 {
752 return NULL;
753 }
754 }
755
756 /* Convert the file name to unicode */
757 if (lpFileName == NULL)
758 {
759 RtlInitUnicodeString(&FileNameW, NULL);
760 }
761 else
762 {
764
766 &FileNameA,
767 TRUE);
768 if (!NT_SUCCESS(Status))
769 {
770 RtlFreeUnicodeString(&UNCServerNameW);
772 return NULL;
773 }
774 }
775
776 /* Call the unicode function */
777 LogHandle = OpenBackupEventLogW(UNCServerNameW.Buffer,
778 FileNameW.Buffer);
779
780 /* Free the unicode strings */
781 RtlFreeUnicodeString(&UNCServerNameW);
782 RtlFreeUnicodeString(&FileNameW);
783
784 return LogHandle;
785}
786
787
788/******************************************************************************
789 * OpenBackupEventLogW [ADVAPI32.@]
790 *
791 * PARAMS
792 * lpUNCServerName []
793 * lpFileName []
794 */
796NTAPI
798 IN PUNICODE_STRING BackupFileNameU,
799 OUT PHANDLE phEventLog)
800{
802 PWSTR pUNCServerName = NULL;
803
804 if (!phEventLog || !BackupFileNameU || (BackupFileNameU->Length == 0))
806
807 if (UNCServerNameU && (UNCServerNameU->Length != 0))
808 pUNCServerName = UNCServerNameU->Buffer;
809
810 *phEventLog = NULL;
811
813 {
814 Status = ElfrOpenBELW(pUNCServerName,
815 (PRPC_UNICODE_STRING)BackupFileNameU,
816 1,
817 1,
818 (IELF_HANDLE*)phEventLog);
819 }
821 {
823 }
825
826 return Status;
827}
828
832{
834 HANDLE hEventLog;
835 UNICODE_STRING UNCServerName, FileName;
836
837 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpFileName));
838
839 if (lpFileName == NULL)
840 {
842 return NULL;
843 }
844
846 NULL, NULL))
847 {
849 return NULL;
850 }
851
852 RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
853
854 Status = ElfOpenBackupEventLogW(&UNCServerName, &FileName, &hEventLog);
855
856 if (FileName.Buffer != NULL)
857 RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
858
859 if (!NT_SUCCESS(Status))
860 {
862 return NULL;
863 }
864
865 return hEventLog;
866}
867
868
869/******************************************************************************
870 * OpenEventLogA [ADVAPI32.@]
871 *
872 * Opens a handle to the specified event log.
873 *
874 * PARAMS
875 * lpUNCServerName [I] UNC name of the server on which the event log is
876 * opened.
877 * lpSourceName [I] Name of the log.
878 *
879 * RETURNS
880 * Success: Handle to an event log.
881 * Failure: NULL
882 */
884NTAPI
886 IN PANSI_STRING SourceNameA,
887 OUT PHANDLE phEventLog)
888{
890 PSTR pUNCServerName = NULL;
891
892 if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
894
895 if (UNCServerNameA && (UNCServerNameA->Length != 0))
896 pUNCServerName = UNCServerNameA->Buffer;
897
898 *phEventLog = NULL;
899
901 {
902 Status = ElfrOpenELA(pUNCServerName,
903 (PRPC_STRING)SourceNameA,
905 1,
906 1,
907 (IELF_HANDLE*)phEventLog);
908 }
910 {
912 }
914
915 return Status;
916}
917
919OpenEventLogA(IN LPCSTR lpUNCServerName,
920 IN LPCSTR lpSourceName)
921{
923 HANDLE hEventLog;
924 ANSI_STRING UNCServerName, SourceName;
925
926 TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
927
928 RtlInitAnsiString(&UNCServerName, lpUNCServerName);
929 RtlInitAnsiString(&SourceName, lpSourceName);
930
931 Status = ElfOpenEventLogA(&UNCServerName, &SourceName, &hEventLog);
932 if (!NT_SUCCESS(Status))
933 {
935 return NULL;
936 }
937
938 return hEventLog;
939}
940
941
942/******************************************************************************
943 * OpenEventLogW [ADVAPI32.@]
944 *
945 * PARAMS
946 * lpUNCServerName []
947 * lpSourceName []
948 */
950NTAPI
952 IN PUNICODE_STRING SourceNameU,
953 OUT PHANDLE phEventLog)
954{
956 PWSTR pUNCServerName = NULL;
957
958 if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
960
961 if (UNCServerNameU && (UNCServerNameU->Length != 0))
962 pUNCServerName = UNCServerNameU->Buffer;
963
964 *phEventLog = NULL;
965
967 {
968 Status = ElfrOpenELW(pUNCServerName,
969 (PRPC_UNICODE_STRING)SourceNameU,
971 1,
972 1,
973 (IELF_HANDLE*)phEventLog);
974 }
976 {
978 }
980
981 return Status;
982}
983
985OpenEventLogW(IN LPCWSTR lpUNCServerName,
986 IN LPCWSTR lpSourceName)
987{
989 HANDLE hEventLog;
990 UNICODE_STRING UNCServerName, SourceName;
991
992 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
993
994 RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
995 RtlInitUnicodeString(&SourceName, lpSourceName);
996
997 Status = ElfOpenEventLogW(&UNCServerName, &SourceName, &hEventLog);
998 if (!NT_SUCCESS(Status))
999 {
1001 return NULL;
1002 }
1003
1004 return hEventLog;
1005}
1006
1007
1008/******************************************************************************
1009 * ReadEventLogA [ADVAPI32.@]
1010 */
1012NTAPI
1014 IN ULONG ReadFlags,
1015 IN ULONG RecordOffset,
1017 IN ULONG NumberOfBytesToRead,
1018 OUT PULONG NumberOfBytesRead,
1019 OUT PULONG MinNumberOfBytesNeeded)
1020{
1022 ULONG Flags;
1023
1024 if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
1025 {
1027 }
1028
1031 {
1033 }
1034
1037 {
1039 }
1040
1042 {
1043 Status = ElfrReadELA(hEventLog,
1044 ReadFlags,
1045 RecordOffset,
1046 NumberOfBytesToRead,
1047 Buffer,
1048 NumberOfBytesRead,
1049 MinNumberOfBytesNeeded);
1050 }
1052 {
1054 }
1056
1057 return Status;
1058}
1059
1062 IN DWORD dwReadFlags,
1063 IN DWORD dwRecordOffset,
1065 IN DWORD nNumberOfBytesToRead,
1066 OUT DWORD *pnBytesRead,
1067 OUT DWORD *pnMinNumberOfBytesNeeded)
1068{
1070
1071 TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
1072 hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
1073 nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
1074
1075 Status = ElfReadEventLogA(hEventLog,
1076 dwReadFlags,
1077 dwRecordOffset,
1078 lpBuffer,
1079 nNumberOfBytesToRead,
1080 pnBytesRead,
1081 pnMinNumberOfBytesNeeded);
1082 if (!NT_SUCCESS(Status))
1083 {
1085 return FALSE;
1086 }
1087
1088 return TRUE;
1089}
1090
1091
1092/******************************************************************************
1093 * ReadEventLogW [ADVAPI32.@]
1094 *
1095 * PARAMS
1096 * hEventLog []
1097 * dwReadFlags []
1098 * dwRecordOffset []
1099 * lpBuffer []
1100 * nNumberOfBytesToRead []
1101 * pnBytesRead []
1102 * pnMinNumberOfBytesNeeded []
1103 */
1105NTAPI
1107 IN ULONG ReadFlags,
1108 IN ULONG RecordOffset,
1110 IN ULONG NumberOfBytesToRead,
1111 OUT PULONG NumberOfBytesRead,
1112 OUT PULONG MinNumberOfBytesNeeded)
1113{
1115 ULONG Flags;
1116
1117 if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
1118 {
1120 }
1121
1124 {
1126 }
1127
1130 {
1132 }
1133
1135 {
1136 Status = ElfrReadELW(hEventLog,
1137 ReadFlags,
1138 RecordOffset,
1139 NumberOfBytesToRead,
1140 Buffer,
1141 NumberOfBytesRead,
1142 MinNumberOfBytesNeeded);
1143 }
1145 {
1147 }
1149
1150 return Status;
1151}
1152
1155 IN DWORD dwReadFlags,
1156 IN DWORD dwRecordOffset,
1158 IN DWORD nNumberOfBytesToRead,
1159 OUT DWORD *pnBytesRead,
1160 OUT DWORD *pnMinNumberOfBytesNeeded)
1161{
1163
1164 TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
1165 hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
1166 nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
1167
1168 Status = ElfReadEventLogW(hEventLog,
1169 dwReadFlags,
1170 dwRecordOffset,
1171 lpBuffer,
1172 nNumberOfBytesToRead,
1173 pnBytesRead,
1174 pnMinNumberOfBytesNeeded);
1175 if (!NT_SUCCESS(Status))
1176 {
1178 return FALSE;
1179 }
1180
1181 return TRUE;
1182}
1183
1184
1185/******************************************************************************
1186 * RegisterEventSourceA [ADVAPI32.@]
1187 */
1189NTAPI
1191 IN PANSI_STRING SourceNameA,
1192 OUT PHANDLE phEventLog)
1193{
1195 PSTR pUNCServerName = NULL;
1196
1197 if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
1199
1200 if (UNCServerNameA && (UNCServerNameA->Length != 0))
1201 pUNCServerName = UNCServerNameA->Buffer;
1202
1203 *phEventLog = NULL;
1204
1206 {
1207 Status = ElfrRegisterEventSourceA(pUNCServerName,
1208 (PRPC_STRING)SourceNameA,
1209 &EmptyStringA,
1210 1,
1211 1,
1212 (IELF_HANDLE*)phEventLog);
1213 }
1215 {
1217 }
1219
1220 return Status;
1221}
1222
1225 IN LPCSTR lpSourceName)
1226{
1228 HANDLE hEventLog;
1229 ANSI_STRING UNCServerName, SourceName;
1230
1231 TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
1232
1233 RtlInitAnsiString(&UNCServerName, lpUNCServerName);
1234 RtlInitAnsiString(&SourceName, lpSourceName);
1235
1236 Status = ElfRegisterEventSourceA(&UNCServerName, &SourceName, &hEventLog);
1237 if (!NT_SUCCESS(Status))
1238 {
1240 return NULL;
1241 }
1242
1243 return hEventLog;
1244}
1245
1246
1247/******************************************************************************
1248 * RegisterEventSourceW [ADVAPI32.@]
1249 * Returns a registered handle to an event log
1250 *
1251 * PARAMS
1252 * lpUNCServerName [I] Server name for source
1253 * lpSourceName [I] Source name for registered handle
1254 *
1255 * RETURNS
1256 * Success: Handle
1257 * Failure: NULL
1258 */
1260NTAPI
1262 IN PUNICODE_STRING SourceNameU,
1263 OUT PHANDLE phEventLog)
1264{
1266 PWSTR pUNCServerName = NULL;
1267
1268 if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
1270
1271 if (UNCServerNameU && (UNCServerNameU->Length != 0))
1272 pUNCServerName = UNCServerNameU->Buffer;
1273
1274 *phEventLog = NULL;
1275
1277 {
1278 Status = ElfrRegisterEventSourceW(pUNCServerName,
1279 (PRPC_UNICODE_STRING)SourceNameU,
1280 &EmptyStringU,
1281 1,
1282 1,
1283 (IELF_HANDLE*)phEventLog);
1284 }
1286 {
1288 }
1290
1291 return Status;
1292}
1293
1296 IN LPCWSTR lpSourceName)
1297{
1299 HANDLE hEventLog;
1300 UNICODE_STRING UNCServerName, SourceName;
1301
1302 TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
1303
1304 RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
1305 RtlInitUnicodeString(&SourceName, lpSourceName);
1306
1307 Status = ElfRegisterEventSourceW(&UNCServerName, &SourceName, &hEventLog);
1308 if (!NT_SUCCESS(Status))
1309 {
1311 return NULL;
1312 }
1313
1314 return hEventLog;
1315}
1316
1317
1318/******************************************************************************
1319 * ReportEventA [ADVAPI32.@]
1320 */
1322NTAPI
1325 IN USHORT EventCategory,
1326 IN ULONG EventID,
1327 IN PSID UserSID,
1331 IN PVOID Data,
1332 IN USHORT Flags,
1333 IN OUT PULONG RecordNumber,
1334 IN OUT PULONG TimeWritten)
1335{
1337 LARGE_INTEGER SystemTime;
1338 ULONG Time;
1339 ULONG dwSize;
1340 ANSI_STRING ComputerName;
1341 CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1342
1343 dwSize = ARRAYSIZE(szComputerName);
1344 GetComputerNameA(szComputerName, &dwSize);
1345 RtlInitAnsiString(&ComputerName, szComputerName);
1346
1347 NtQuerySystemTime(&SystemTime);
1348 RtlTimeToSecondsSince1970(&SystemTime, &Time);
1349
1351 {
1352 Status = ElfrReportEventA(hEventLog,
1353 Time,
1354 EventType,
1355 EventCategory,
1356 EventID,
1357 NumStrings,
1358 DataSize,
1359 (PRPC_STRING)&ComputerName,
1360 (PRPC_SID)UserSID,
1362 Data,
1363 Flags,
1364 RecordNumber,
1365 TimeWritten);
1366 }
1368 {
1370 }
1372
1373 return Status;
1374}
1375
1378 IN WORD wType,
1379 IN WORD wCategory,
1380 IN DWORD dwEventID,
1381 IN PSID lpUserSid,
1382 IN WORD wNumStrings,
1383 IN DWORD dwDataSize,
1384 IN LPCSTR *lpStrings,
1385 IN LPVOID lpRawData)
1386{
1389 WORD i;
1390
1391 TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
1392 hEventLog, wType, wCategory, dwEventID, lpUserSid,
1393 wNumStrings, dwDataSize, lpStrings, lpRawData);
1394
1397 wNumStrings * sizeof(PANSI_STRING));
1398 if (!Strings)
1399 {
1401 return FALSE;
1402 }
1403
1404 for (i = 0; i < wNumStrings; i++)
1405 {
1408 sizeof(ANSI_STRING));
1409 if (Strings[i])
1410 {
1411 RtlInitAnsiString(Strings[i], lpStrings[i]);
1412 }
1413 }
1414
1415 Status = ElfReportEventA(hEventLog,
1416 wType,
1417 wCategory,
1418 dwEventID,
1419 lpUserSid,
1420 wNumStrings,
1421 dwDataSize,
1422 Strings,
1423 lpRawData,
1424 0,
1425 NULL,
1426 NULL);
1427
1428 for (i = 0; i < wNumStrings; i++)
1429 {
1430 if (Strings[i] != NULL)
1432 }
1433
1435
1436 if (!NT_SUCCESS(Status))
1437 {
1439 return FALSE;
1440 }
1441
1442 return TRUE;
1443}
1444
1445
1446/******************************************************************************
1447 * ReportEventW [ADVAPI32.@]
1448 *
1449 * PARAMS
1450 * hEventLog []
1451 * wType []
1452 * wCategory []
1453 * dwEventID []
1454 * lpUserSid []
1455 * wNumStrings []
1456 * dwDataSize []
1457 * lpStrings []
1458 * lpRawData []
1459 */
1461NTAPI
1464 IN USHORT EventCategory,
1465 IN ULONG EventID,
1466 IN PSID UserSID,
1470 IN PVOID Data,
1471 IN USHORT Flags,
1472 IN OUT PULONG RecordNumber,
1473 IN OUT PULONG TimeWritten)
1474{
1476 LARGE_INTEGER SystemTime;
1477 ULONG Time;
1478 ULONG dwSize;
1479 UNICODE_STRING ComputerName;
1480 WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1481
1482 dwSize = ARRAYSIZE(szComputerName);
1483 GetComputerNameW(szComputerName, &dwSize);
1484 RtlInitUnicodeString(&ComputerName, szComputerName);
1485
1486 NtQuerySystemTime(&SystemTime);
1487 RtlTimeToSecondsSince1970(&SystemTime, &Time);
1488
1490 {
1491 Status = ElfrReportEventW(hEventLog,
1492 Time,
1493 EventType,
1494 EventCategory,
1495 EventID,
1496 NumStrings,
1497 DataSize,
1498 (PRPC_UNICODE_STRING)&ComputerName,
1499 (PRPC_SID)UserSID,
1501 Data,
1502 Flags,
1503 RecordNumber,
1504 TimeWritten);
1505 }
1507 {
1509 }
1511
1512 return Status;
1513}
1514
1517 IN WORD wType,
1518 IN WORD wCategory,
1519 IN DWORD dwEventID,
1520 IN PSID lpUserSid,
1521 IN WORD wNumStrings,
1522 IN DWORD dwDataSize,
1523 IN LPCWSTR *lpStrings,
1524 IN LPVOID lpRawData)
1525{
1528 WORD i;
1529
1530 TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
1531 hEventLog, wType, wCategory, dwEventID, lpUserSid,
1532 wNumStrings, dwDataSize, lpStrings, lpRawData);
1533
1536 wNumStrings * sizeof(PUNICODE_STRING));
1537 if (!Strings)
1538 {
1540 return FALSE;
1541 }
1542
1543 for (i = 0; i < wNumStrings; i++)
1544 {
1547 sizeof(UNICODE_STRING));
1548 if (Strings[i])
1549 {
1550 RtlInitUnicodeString(Strings[i], lpStrings[i]);
1551 }
1552 }
1553
1554 Status = ElfReportEventW(hEventLog,
1555 wType,
1556 wCategory,
1557 dwEventID,
1558 lpUserSid,
1559 wNumStrings,
1560 dwDataSize,
1561 Strings,
1562 lpRawData,
1563 0,
1564 NULL,
1565 NULL);
1566
1567 for (i = 0; i < wNumStrings; i++)
1568 {
1569 if (Strings[i] != NULL)
1571 }
1572
1574
1575 if (!NT_SUCCESS(Status))
1576 {
1578 return FALSE;
1579 }
1580
1581 return TRUE;
1582}
1583
1585NTAPI
1587 IN ULONG Time,
1588 IN PUNICODE_STRING ComputerName,
1590 IN USHORT EventCategory,
1591 IN ULONG EventID,
1592 IN PSID UserSID,
1597 IN PVOID Data,
1598 IN USHORT Flags,
1599 IN OUT PULONG RecordNumber,
1600 IN OUT PULONG TimeWritten)
1601{
1603
1605 {
1607 Time,
1608 EventType,
1609 EventCategory,
1610 EventID,
1612 NumStrings,
1613 DataSize,
1614 (PRPC_UNICODE_STRING)ComputerName,
1615 (PRPC_SID)UserSID,
1617 (PBYTE)Data,
1618 Flags,
1619 RecordNumber,
1620 TimeWritten);
1621 }
1623 {
1625 }
1627
1628 return Status;
1629}
1630
1632NTAPI
1634{
1636
1638 {
1639 Status = ElfrFlushEL(hEventLog);
1640 }
1642 {
1644 }
1646
1647 return Status;
1648}
static const CHAR FileNameA[]
WCHAR SourceName[256]
Definition: arping.c:28
#define WINE_DEFAULT_DEBUG_CHANNEL(t)
Definition: precomp.h:23
LONG NTSTATUS
Definition: precomp.h:26
NTSTATUS WINAPI ElfrReportEventA(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_STRING ComputerName, PRPC_SID UserSID, PRPC_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:992
NTSTATUS WINAPI ElfrBackupELFA(IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
Definition: rpc.c:787
NTSTATUS WINAPI ElfrChangeNotify(IELF_HANDLE LogHandle, RPC_CLIENT_ID ClientId, ULONG Event)
Definition: rpc.c:433
NTSTATUS WINAPI ElfrCloseEL(PIELF_HANDLE LogHandle)
Definition: rpc.c:333
NTSTATUS WINAPI ElfrNumberOfRecords(IELF_HANDLE LogHandle, PULONG NumberOfRecords)
Definition: rpc.c:353
NTSTATUS WINAPI ElfrReportEventW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:724
NTSTATUS WINAPI ElfrRegisterEventSourceA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:849
NTSTATUS WINAPI ElfrClearELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:289
NTSTATUS WINAPI ElfrOpenBELW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:506
NTSTATUS WINAPI ElfrRegisterEventSourceW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:474
NTSTATUS WINAPI ElfrOpenELW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:446
NTSTATUS WINAPI ElfrOpenELA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:812
NTSTATUS WINAPI ElfrDeregisterEventSource(PIELF_HANDLE LogHandle)
Definition: rpc.c:343
NTSTATUS WINAPI ElfrFlushEL(IELF_HANDLE LogHandle)
Definition: rpc.c:1196
NTSTATUS WINAPI ElfrReadELW(IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
Definition: rpc.c:530
NTSTATUS WINAPI ElfrClearELFA(IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
Definition: rpc.c:762
NTSTATUS WINAPI ElfrGetLogInformation(IELF_HANDLE LogHandle, ULONG InfoLevel, PBYTE Buffer, ULONG cbBufSize, PULONG pcbBytesNeeded)
Definition: rpc.c:1144
NTSTATUS WINAPI ElfrReadELA(IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
Definition: rpc.c:940
NTSTATUS WINAPI ElfrReportEventAndSourceW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, PRPC_UNICODE_STRING SourceName, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:1224
NTSTATUS WINAPI ElfrOpenBELA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:897
NTSTATUS WINAPI ElfrBackupELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:313
NTSTATUS WINAPI ElfrOldestRecord(IELF_HANDLE LogHandle, PULONG OldestRecordNumber)
Definition: rpc.c:402
#define ERR(fmt,...)
Definition: precomp.h:57
#define HandleToUlong(h)
Definition: basetsd.h:79
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:608
Definition: bufpool.h:45
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:446
handle_t hBinding
Definition: ctx_c.c:54
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:175
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
#define NULL
Definition: types.h:112
#define TRUE
Definition: types.h:120
#define FALSE
Definition: types.h:117
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
NTSTATUS NTAPI ElfReadEventLogW(IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
Definition: eventlog.c:1106
NTSTATUS NTAPI ElfDeregisterEventSource(IN HANDLE hEventLog)
Definition: eventlog.c:455
HANDLE WINAPI OpenEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
Definition: eventlog.c:985
NTSTATUS NTAPI ElfChangeNotify(IN HANDLE hEventLog, IN HANDLE hEvent)
Definition: eventlog.c:646
BOOL WINAPI ClearEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:367
BOOL WINAPI GetEventLogInformation(IN HANDLE hEventLog, IN DWORD dwInfoLevel, OUT LPVOID lpBuffer, IN DWORD cbBufSize, OUT LPDWORD pcbBytesNeeded)
Definition: eventlog.c:501
NTSTATUS NTAPI ElfReadEventLogA(IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
Definition: eventlog.c:1013
BOOL WINAPI CloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:427
NTSTATUS NTAPI ElfOpenEventLogA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:885
NTSTATUS NTAPI ElfBackupEventLogFileW(IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
Definition: eventlog.c:222
BOOL WINAPI GetNumberOfEventLogRecords(IN HANDLE hEventLog, OUT PDWORD NumberOfRecords)
Definition: eventlog.c:570
NTSTATUS NTAPI ElfCloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:409
BOOL WINAPI GetOldestEventLogRecord(IN HANDLE hEventLog, OUT PDWORD OldestRecord)
Definition: eventlog.c:619
static RPC_STRING EmptyStringA
Definition: eventlog.c:34
void __RPC_USER EVENTLOG_HANDLE_A_unbind(EVENTLOG_HANDLE_A UNCServerName, handle_t hBinding)
Definition: eventlog.c:79
BOOL WINAPI NotifyChangeEventLog(IN HANDLE hEventLog, IN HANDLE hEvent)
Definition: eventlog.c:670
NTSTATUS NTAPI ElfReportEventA(IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PANSI_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1323
BOOL WINAPI ReportEventW(IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCWSTR *lpStrings, IN LPVOID lpRawData)
Definition: eventlog.c:1516
NTSTATUS NTAPI ElfOpenBackupEventLogA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING BackupFileNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:693
BOOL WINAPI ClearEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
Definition: eventlog.c:305
NTSTATUS NTAPI ElfOldestRecord(IN HANDLE hEventLog, OUT PULONG OldestRecordNumber)
Definition: eventlog.c:597
NTSTATUS NTAPI ElfNumberOfRecords(IN HANDLE hEventLog, OUT PULONG NumberOfRecords)
Definition: eventlog.c:548
NTSTATUS NTAPI ElfClearEventLogFileA(IN HANDLE hEventLog, IN PANSI_STRING BackupFileNameA)
Definition: eventlog.c:285
NTSTATUS NTAPI ElfFlushEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:1633
BOOL WINAPI ReportEventA(IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCSTR *lpStrings, IN LPVOID lpRawData)
Definition: eventlog.c:1377
handle_t __RPC_USER EVENTLOG_HANDLE_A_bind(EVENTLOG_HANDLE_A UNCServerName)
Definition: eventlog.c:40
NTSTATUS NTAPI ElfBackupEventLogFileA(IN HANDLE hEventLog, IN PANSI_STRING BackupFileNameA)
Definition: eventlog.c:154
HANDLE WINAPI OpenBackupEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpFileName)
Definition: eventlog.c:830
NTSTATUS NTAPI ElfReportEventAndSourceW(IN HANDLE hEventLog, IN ULONG Time, IN PUNICODE_STRING ComputerName, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN PUNICODE_STRING SourceName, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1586
BOOL WINAPI BackupEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:245
HANDLE WINAPI OpenEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
Definition: eventlog.c:919
NTSTATUS NTAPI ElfClearEventLogFileW(IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
Definition: eventlog.c:347
void __RPC_USER EVENTLOG_HANDLE_W_unbind(EVENTLOG_HANDLE_W UNCServerName, handle_t hBinding)
Definition: eventlog.c:134
NTSTATUS NTAPI ElfReportEventW(IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1462
BOOL WINAPI ReadEventLogA(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
Definition: eventlog.c:1061
handle_t __RPC_USER EVENTLOG_HANDLE_W_bind(EVENTLOG_HANDLE_W UNCServerName)
Definition: eventlog.c:95
NTSTATUS NTAPI ElfRegisterEventSourceW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:1261
static RPC_UNICODE_STRING EmptyStringU
Definition: eventlog.c:33
HANDLE WINAPI OpenBackupEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpFileName)
Definition: eventlog.c:725
NTSTATUS NTAPI ElfOpenBackupEventLogW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING BackupFileNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:797
BOOL WINAPI BackupEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
Definition: eventlog.c:177
NTSTATUS NTAPI ElfRegisterEventSourceA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:1190
NTSTATUS NTAPI ElfOpenEventLogW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:951
BOOL WINAPI ReadEventLogW(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
Definition: eventlog.c:1154
BOOL WINAPI DeregisterEventSource(IN HANDLE hEventLog)
Definition: eventlog.c:473
HANDLE WINAPI RegisterEventSourceW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
Definition: eventlog.c:1295
HANDLE WINAPI RegisterEventSourceA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
Definition: eventlog.c:1224
static const WCHAR Strings[]
Definition: reg.c:35
#define GetProcessHeap()
Definition: compat.h:736
#define ERROR_INVALID_PARAMETER
Definition: compat.h:101
#define SetLastError(x)
Definition: compat.h:752
#define HeapAlloc
Definition: compat.h:733
#define HeapFree(x, y, z)
Definition: compat.h:735
#define HEAP_ZERO_MEMORY
Definition: compat.h:134
@ Success
Definition: eventcreate.c:712
LPWSTR EVENTLOG_HANDLE_W
Definition: eventlogrpc.idl:24
LPSTR EVENTLOG_HANDLE_A
Definition: eventlogrpc.idl:25
struct _FileName FileName
Definition: fatprocs.h:896
unsigned int BOOL
Definition: ntddk_ex.h:94
unsigned long DWORD
Definition: ntddk_ex.h:95
unsigned short WORD
Definition: ntddk_ex.h:93
Status
Definition: gdiplustypes.h:25
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
BOOLEAN NTAPI RtlTimeToSecondsSince1970(PLARGE_INTEGER Time, PULONG ElapsedSeconds)
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define NtCurrentTeb
#define debugstr_w
Definition: kernel32.h:32
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:56
static HANDLE hEvent
Definition: comm.c:54
static PLARGE_INTEGER Time
Definition: time.c:105
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT _In_opt_ PVOID _In_ ULONG DataSize
Definition: ndis.h:4755
_In_ UINT _Out_ PNDIS_HANDLE LogHandle
Definition: ndis.h:5382
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT NumStrings
Definition: ndis.h:4753
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ EVENT_TYPE EventType
Definition: exfuncs.h:167
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:569
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:455
#define L(x)
Definition: ntvdm.h:50
BYTE * PBYTE
Definition: pedump.c:66
DWORD * PDWORD
Definition: pedump.c:68
unsigned short USHORT
Definition: pedump.c:61
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:880
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
Definition: rpc_binding.c:510
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:787
RPC_STATUS WINAPI RpcStringBindingComposeA(RPC_CSTR ObjUuid, RPC_CSTR Protseq, RPC_CSTR NetworkAddr, RPC_CSTR Endpoint, RPC_CSTR Options, RPC_CSTR *StringBinding)
Definition: rpc_binding.c:457
RPC_STATUS WINAPI RpcBindingFromStringBindingA(RPC_CSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:840
unsigned short * RPC_WSTR
Definition: rpcdce.h:46
unsigned char * RPC_CSTR
Definition: rpcdce.h:45
#define RPC_S_OK
Definition: rpcnterr.h:22
LONG WINAPI I_RpcMapWin32Status(RPC_STATUS status)
Definition: rpcrt4_main.c:740
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
Definition: rpcrt4_main.c:175
RPC_STATUS WINAPI RpcStringFreeA(RPC_CSTR *String)
Definition: rpcrt4_main.c:158
#define RpcEndExcept
Definition: rpc.h:128
#define RpcTryExcept
Definition: rpc.h:126
#define RpcExcept(expr)
Definition: rpc.h:127
long RPC_STATUS
Definition: rpc.h:52
#define __RPC_USER
Definition: rpc.h:65
#define RpcExceptionCode()
Definition: rpc.h:132
BOOL WINAPI SHIM_OBJ_NAME() GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
Definition: shimtest.c:21
#define TRACE(s)
Definition: solgame.cpp:4
HANDLE UniqueThread
Definition: compat.h:826
HANDLE UniqueProcess
Definition: compat.h:825
Definition: ps.c:97
uint16_t * PWSTR
Definition: typedefs.h:56
uint32_t * PULONG
Definition: typedefs.h:59
char * PSTR
Definition: typedefs.h:51
unsigned char * LPBYTE
Definition: typedefs.h:53
#define NTAPI
Definition: typedefs.h:36
uint32_t * LPDWORD
Definition: typedefs.h:59
#define IN
Definition: typedefs.h:39
uint32_t ULONG
Definition: typedefs.h:59
#define OUT
Definition: typedefs.h:40
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
_In_ LPCSTR lpFileName
Definition: winbase.h:3071
#define EVENTLOG_FULL_INFO
Definition: winbase.h:1154
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:243
#define WINAPI
Definition: msvc.h:6
#define ERROR_INVALID_LEVEL
Definition: winerror.h:196
#define EVENTLOG_SEQUENTIAL_READ
Definition: winnt_old.h:2828
#define EVENTLOG_BACKWARDS_READ
Definition: winnt_old.h:2831
#define EVENTLOG_FORWARDS_READ
Definition: winnt_old.h:2830
#define EVENTLOG_SEEK_READ
Definition: winnt_old.h:2829
_In_ DWORD _In_ DWORD _Out_ LPDWORD pcbBytesNeeded
Definition: winsvc.h:425
_In_ DWORD _In_ DWORD cbBufSize
Definition: winsvc.h:424
_In_ DWORD dwInfoLevel
Definition: winsvc.h:422
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1151
const char * LPCSTR
Definition: xmlstorage.h:183
__wchar_t WCHAR
Definition: xmlstorage.h:180
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
char CHAR
Definition: xmlstorage.h:175